Extracted

• • Target

    333b4a89730feb420bc1a76bed5c75943e663abd60eaf91c1bafd8417ccab76d.exe

  • Size

    454KB

  • MD5

    617c28ec9403e42fbbce2915d7b9ca98

  • SHA1

    12676d2161a1a8640a555bbce0fd7dcbb1ceb903

  • SHA256

    333b4a89730feb420bc1a76bed5c75943e663abd60eaf91c1bafd8417ccab76d

  • SHA512

    bbc67585f09c19cabaae345ee57c5bdca551ee1349c24b0404a9cc570bb467ee2e807a4eca4bcf150d424b7b40407c241a8e7679d18b7e05ac63a3e9ddee4994

  • SSDEEP

    12288:y/6fGJ3rRkmrrLG9oouz/rJdNOY/WrdqgYic81v:FCbRzLG+ourldNOYkdPo81v

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2